Following the reports that newer versions of Carbanak malware now use Google services to host command-and-control infrastructure to infect organizations and exfiltrate data (the Carbanak group has previously stolen more than $1 billion from banks around the world). IT security experts from Balabit, Lastline, CipherCloud and VASCO Data Security commented below.
Balazs Scheidler, CTO and Co-founder at Balabit:
Phishing and malware installation is an uphill battle enterprises are constantly fighting. Organizations must concentrate on preventing and containing breaches, and especially on detecing those vectors where breached internal computers and user accounts are used to identify and exfiltrate their most important assets.
“We probably don’t store the most sensitive data assets in workstations, thus a breach only becomes really interesting once the breached workstation and user credentials are leveraged to go after an enterprise’s most valuable data and secrets.
“This is where the important role of privileged user behavior analytics comes into play. It can pinpoint the anomalous behaviors of hijacked accounts, which is a pretty good indicator of a breach happening.”
Christopher Kruegel, Co-founder, and CEO at Lastline:
.
.
Sundaram Lakshmanan, VP of Technology at CipherCloud:
.
.
John Gunn, VP of Communications at VASCO Data Security:
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.